package com.woniu.liuzhougov.authorityControl.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import com.woniu.liuzhougov.authorityControl.realm.UserRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @version 1.0
 * @Author zhuxinpan
 * @ClassName ShiroConfig
 * @Description 引入shiro进行权限控制
 * @Date 2019/4/19 15:23
 */
@Configuration
public class ShiroConfig {
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean filterFactoryBean = new ShiroFilterFactoryBean();
        filterFactoryBean.setSecurityManager(securityManager);
        Map<String, String> map = new LinkedHashMap<>();
        map.put("/logout", "logout");
        map.put("/login.html", "anon");
        map.put("/user/login", "anon");
        map.put("/user/register", "anon");
        map.put("/css/**", "anon");
        map.put("/js/**", "anon");
        map.put("/images/**", "anon");
        map.put("/authree/**", "anon");
        map.put("/businessprojectConfig/**", "anon");
        map.put("/common/**", "anon");
        map.put("/itemAndTask/**", "anon");
        map.put("/jsplug/**", "anon");
        map.put("/module/**", "anon");
        map.put("/myconfig/**", "anon");
        map.put("/user/getKaptchaImage/**", "anon");
        map.put("/user/registerCode/**", "anon");
        map.put("/user/message/get", "anon");
        map.put("/**", "authc");
        filterFactoryBean.setFilterChainDefinitionMap(map);
        filterFactoryBean.setLoginUrl("/login.html");
        filterFactoryBean.setSuccessUrl("/index.html");
        filterFactoryBean.setUnauthorizedUrl("/403");
        return filterFactoryBean;
    }

    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(UserRealm realm) {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(realm);
        return securityManager;
    }

    @Bean
    public UserRealm customRealm(HashedCredentialsMatcher matcher, MemoryConstrainedCacheManager memoryConstrainedCacheManager) {
        UserRealm realm = new UserRealm();
        realm.setCredentialsMatcher(matcher);
        realm.setCacheManager(memoryConstrainedCacheManager);
        return realm;
    }

    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");
        matcher.setHashIterations(3);
        return matcher;
    }

    @Bean
    public ShiroDialect shiroDialect() {
        ShiroDialect dialect = new ShiroDialect();
        return dialect;
    }

    //针对类进行aop代理，因为shiro在使用注解的方式来实现对 请求进行验证
    @Bean
    public DefaultAdvisorAutoProxyCreator proxyCreator() {
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }

    //使注解生效的通知
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

    @Bean
    public MemoryConstrainedCacheManager memoryConstrainedCacheManager() {
        MemoryConstrainedCacheManager constrainedCacheManager = new MemoryConstrainedCacheManager();
        return constrainedCacheManager;
    }
}
